Don't set REMEMBER_ME if it's disabled at realm level
Closes https://github.com/keycloak/keycloak/issues/11330
This commit is contained in:
rmartinc
Marek Posolda
parent
4cf5c11020
commit
06ff8b016c
2 changed files with 39 additions and 20 deletions
|
|
@ -207,7 +207,7 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth
|
|||
return false;
|
||||
}
|
||||
String rememberMe = inputData.getFirst("rememberMe");
|
||||
boolean remember = rememberMe != null && rememberMe.equalsIgnoreCase("on");
|
||||
boolean remember = context.getRealm().isRememberMe() && rememberMe != null && rememberMe.equalsIgnoreCase("on");
|
||||
if (remember) {
|
||||
context.getAuthenticationSession().setAuthNote(Details.REMEMBER_ME, "true");
|
||||
context.getEvent().detail(Details.REMEMBER_ME, "true");
|
||||
|
|
|
|||
|
|
@ -16,7 +16,16 @@
|
|||
*/
|
||||
package org.keycloak.testsuite.forms;
|
||||
|
||||
import org.jboss.arquillian.drone.api.annotation.Drone;
|
||||
import java.io.Closeable;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
import javax.ws.rs.client.Client;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Rule;
|
||||
|
|
@ -25,7 +34,6 @@ import org.keycloak.OAuth2Constants;
|
|||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
import org.keycloak.admin.client.resource.UserResource;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.util.Retry;
|
||||
import org.keycloak.crypto.Algorithm;
|
||||
import org.keycloak.events.Details;
|
||||
import org.keycloak.events.Errors;
|
||||
|
|
@ -42,13 +50,12 @@ import org.keycloak.representations.idm.ClientScopeRepresentation;
|
|||
import org.keycloak.representations.idm.EventRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.console.page.AdminConsole;
|
||||
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.AppPage.RequestType;
|
||||
|
|
@ -60,25 +67,13 @@ import org.keycloak.testsuite.util.AdminClientUtil;
|
|||
import org.keycloak.testsuite.util.ContainerAssume;
|
||||
import org.keycloak.testsuite.util.DroneUtils;
|
||||
import org.keycloak.testsuite.util.InfinispanTestTimeServiceRule;
|
||||
import org.keycloak.testsuite.util.JavascriptBrowser;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.Matchers;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
import org.keycloak.testsuite.util.TokenSignatureUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
import org.keycloak.testsuite.util.WaitUtils;
|
||||
import java.io.Closeable;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
|
||||
import javax.ws.rs.client.Client;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import org.apache.commons.lang3.RandomStringUtils;
|
||||
import org.openqa.selenium.JavascriptExecutor;
|
||||
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.equalTo;
|
||||
|
|
@ -91,7 +86,6 @@ import static org.keycloak.common.Profile.Feature.DYNAMIC_SCOPES;
|
|||
import static org.keycloak.testsuite.admin.ApiUtil.findClientByClientId;
|
||||
import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
|
||||
import static org.keycloak.testsuite.util.OAuthClient.SERVER_ROOT;
|
||||
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
|
||||
import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
|
||||
|
||||
/**
|
||||
|
|
@ -661,6 +655,31 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
|
|||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loginWithRememberMeNotSet() {
|
||||
loginPage.open();
|
||||
assertFalse(loginPage.isRememberMeCheckboxPresent());
|
||||
// fake create the rememberme checkbox
|
||||
((JavascriptExecutor) driver).executeScript(
|
||||
"var checkbox = document.createElement('input');" +
|
||||
"checkbox.type = 'checkbox';" +
|
||||
"checkbox.id = 'rememberMe';" +
|
||||
"checkbox.name = 'rememberMe';" +
|
||||
"document.getElementsByTagName('form')[0].appendChild(checkbox);");
|
||||
|
||||
assertTrue(loginPage.isRememberMeCheckboxPresent());
|
||||
loginPage.setRememberMe(true);
|
||||
loginPage.login("login-test", "password");
|
||||
|
||||
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
|
||||
Assert.assertNotNull(oauth.getCurrentQuery().get(OAuth2Constants.CODE));
|
||||
EventRepresentation loginEvent = events.expectLogin().user(userId)
|
||||
.detail(Details.USERNAME, "login-test")
|
||||
.assertEvent();
|
||||
// check remember me is not set although it was sent in the form data
|
||||
Assert.assertNull(loginEvent.getDetails().get(Details.REMEMBER_ME));
|
||||
}
|
||||
|
||||
//KEYCLOAK-2741
|
||||
@Test
|
||||
public void loginAgainWithoutRememberMe() {
|
||||
|
|
|
|||
Loading…
Reference in a new issue